Here is the complete IPN: <?php // PHP 4.1 $paypal_sandbox = false; // read the post from PayPal system and add 'cmd' $req = 'cmd=_notify-validate'; foreach ($_POST as $key => $value) { $value = urlencode(stripslashes($value)); $req .= "&$key=$value"; } // post back to PayPal system to validate $header .= "POST /cgi-bin/webscr HTTP/1.1\r\n"; if ($paypal_sandbox) $header .= "Host: www.sandbox.paypal.com\r\n"; $header .= "Content-Type: application/x-www-form-urlencoded\r\n"; $header .= "Content-Length: " . strlen($req) . "\r\n\r\n"; if ($paypal_sandbox) $fp = fsockopen ('ssl://www.sandbox.paypal.com', 443, $errno, $errstr, 30); else $fp = fsockopen ('ssl://www.paypal.com', 443, $errno, $errstr, 30); // assign posted variables to local variables $item_name = $_POST['item_name']; $item_number = $_POST['item_number']; $payment_status = $_POST['payment_status']; $payment_amount = $_POST['mc_gross']; $payment_currency = $_POST['mc_currency']; $txn_id = $_POST['txn_id']; $receiver_email = $_POST['receiver_email']; $payer_email = $_POST['payer_email']; if (!$fp) { mail('<an email address>', 'ERROR CONNECTING', $errno.' '.$errstr); // HTTP ERROR } else { fputs ($fp, $header . $req); while (!feof($fp)) { $res = fgets ($fp, 1024); if (strcmp ($res, "VERIFIED") == 0) { session_id($_POST['custom']); session_start(); $data = file_get_contents('temp/data/'.$_POST['custom']); mail('<an email address>', 'DATA', $data); $_SESSION = unserialize($data); include_once('config.php'); if(isset($_SESSION['uid']) && $_SESSION['uid'] != 0) $order_number = orderpayment(1); else $order_number = orderpayment(); if (is_file('temp/data/'.$_POST['custom'])) { //@unlink('temp/data/'.$_POST['custom']); $_SESSION['order_number'] = $order_number; // append the order number to the file $h = fopen('temp/data/'.$_POST['custom'], 'w'); fwrite($h, serialize($_SESSION)); fclose($h); } } else if (strcmp ($res, "INVALID") == 0) { // log for manual investigation } } fclose ($fp); } ?>
... View more